Key skills
AzureCloudCyber SecurityFirewallsTCP/IPAzure ADOktaIdentity ManagementSingle Sign-OnCommunicationNetwork SecurityZero TrustWAF
About this role
Role Overview
- Support the Information Security Officer in designing, developing, and implementing cybersecurity and IT security solutions for MSIG – North America
- Manage Azure NSG, WAF, VPN devices, load balancers, firewalls, and other security infrastructure
- Identify, assess, and mitigate risks to ensure data and system security and integrity
- Manage and maintain the vulnerability and patch management program
- Ensure compliance with regulatory requirements and industry standards, including PCI, NYDFS, and NIST
- Collaborate with the Information Security Officer to develop and implement robust security architectures and designs to protect against cyber threats
- Lead and execute cybersecurity projects from conception to completion, ensuring effective security measures are deployed
- Monitor and manage IPS/IDS managed services, both internal and outsourced
- Maintain and update a comprehensive information security program that includes policies and processes to minimize risk and ensure data integrity and availability
- Evaluate and implement tiered defensive posturing systems and policies to defend against malware threats
- Create and maintain information security policies, standards, controls, and procedures to comply with evolving laws and regulations
- Use a risk-based approach to secure applications, databases, or infrastructure based on technology and business needs
- Manage testing and vulnerability analysis, including third-party scanning, pen testing, and network security providers
- Oversee the Identity and Access Management Platform – OKTA and Azure AD.
- Administer Illumio and Zscaler for micro-segmentation and zero trust security models to reduce attack surfaces and limit lateral movement within the network
- Conduct phishing simulation training programs to educate employees on identifying and avoiding phishing attacks
- Resolve security-related cases escalated by Level 1 Helpdesk
- Handle proxy issues requiring manufacturer intervention for final resolution
- Maintain documentation and continuously improve existing infrastructure, network/security, and audit standards
- Manage and maintain technologies such as antivirus, encryption systems, firewalls, access, and authentication technologies
- Manage off-shore support resources and vendors supporting email and security applications.
Requirements
- Bachelor's degree in computer science or a related field
- 5 to 7 years of technical experience in a security environment
- Over 3 years of experience with Security Information and Event Management (SIEM) tuning and reporting
- 5 to 7 years of experience in managing security for users, platforms, and devices, including authentication, access controls, authorization, and integration of enterprise directories with other systems in large, complex environments
- Proficiency with enterprise-class security products such as Identity Access Management, Web Access Management, and Single Sign-On
- Strong knowledge of common security frameworks and regulations, with substantial experience in cloud environments
- Expertise in security-related topics, including authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, the principle of least privilege, software attack methods, secure data transfer/storage, etc.
- Excellent verbal and written communication skills, with the ability to convey information clearly to team members, stakeholders, and senior managers
- Deep understanding of protocols such as TCP/IP, HTTP, and TLS/SSL at OSI network layers
- Experience with security tools and creating detailed documentation
- Experience managing vendor relationships with security and technology manufacturers, consultants, or VARs, including negotiating contracts and coordinating activities related to hardware, software, telecommunications, support, and training vendors.
- CompTIA Security+
- Required
- CISA
- Required
- Proficiency with Microsoft Office Suite, MS Project
Tech Stack
- Azure
- Cloud
- Cyber Security
- Firewalls
- TCP/IP
Benefits
- Healthcare and Retirement Benefits
- Comprehensive medical, dental, and vision coverage
- 401(k) with a generous employer match and profit-sharing contribution
- Wellness incentive program
- Life and accidental death and dismemberment (AD&D) insurance
- Flexible spending programs
- Short-term and long-term disability plans
- Additional Benefit Programs
- Paid time off program
- Paid charitable leave
- Paid parental leave
- Tuition reimbursement program
- Personal insurance (auto/homeowners) discounts